CVE-2025-38711 in Linuxinformação

Sumário

de MITRE • 04/09/2025

In the Linux kernel, the following vulnerability has been resolved:

smb/server: avoid deadlock when linking with ReplaceIfExists

If smb2_create_link() is called with ReplaceIfExists set and the name does exist then a deadlock will happen.

ksmbd_vfs_kern_path_locked() will return with success and the parent directory will be locked. ksmbd_vfs_remove_file() will then remove the file. ksmbd_vfs_link() will then be called while the parent is still locked. It will try to lock the same parent and will deadlock.

This patch moves the ksmbd_vfs_kern_path_unlock() call to *before* ksmbd_vfs_link() and then simplifies the code, removing the file_present flag variable.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsável

Linux

Reservar

16/04/2025

Divulgação

04/09/2025

Moderação

aceite

Entrada

VDB-322571

CPE

pronto

EPSS

0.00111

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!